Last active
April 16, 2019 14:58
-
-
Save monprin/c9352f32a6e7e02561a571f27d7ce274 to your computer and use it in GitHub Desktop.
Wireguard Namespace Debian & Ubuntu Test
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| uname results: | |
| Linux debian-wg 4.9.0-8-amd64 #1 SMP Debian 4.9.144-3.1 (2019-02-19) x86_64 GNU/Linux | |
| Testing normal namespace... | |
| wg show info: | |
| interface: wg0 | |
| public key: <mullvad_public_key> | |
| private key: (hidden) | |
| listening port: 45020 | |
| peer: <mullvad_public_key> | |
| endpoint: 193.148.18.210:51820 | |
| allowed ips: 0.0.0.0/0, ::/0 | |
| Get google in default interface: | |
| <HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8"> | |
| <TITLE>301 Moved</TITLE></HEAD><BODY> | |
| <H1>301 Moved</H1> | |
| The document has moved | |
| <A HREF="http://www.google.com/">here</A>. | |
| </BODY></HTML> | |
| Get google in wg interface: | |
| <HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8"> | |
| <TITLE>301 Moved</TITLE></HEAD><BODY> | |
| <H1>301 Moved</H1> | |
| The document has moved | |
| <A HREF="http://www.google.com/">here</A>. | |
| </BODY></HTML> | |
| am.i.mullvad.net in default interface: | |
| 167.99.181.189 | |
| am.i.mullvad.net in wg interface: | |
| 193.148.18.211 | |
| Testing new namespace... | |
| wg show info: | |
| interface: wg0 | |
| public key: <mullvad_public_key> | |
| private key: (hidden) | |
| listening port: 39244 | |
| peer: <mullvad_public_key> | |
| endpoint: 193.148.18.210:51820 | |
| allowed ips: 0.0.0.0/0, ::/0 | |
| Get google in default interface: | |
| <HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8"> | |
| <TITLE>301 Moved</TITLE></HEAD><BODY> | |
| <H1>301 Moved</H1> | |
| The document has moved | |
| <A HREF="http://www.google.com/">here</A>. | |
| </BODY></HTML> | |
| Get google in wg interface: | |
| <HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8"> | |
| <TITLE>301 Moved</TITLE></HEAD><BODY> | |
| <H1>301 Moved</H1> | |
| The document has moved | |
| <A HREF="http://www.google.com/">here</A>. | |
| </BODY></HTML> | |
| am.i.mullvad.net in default interface: | |
| 167.99.181.189 | |
| am.i.mullvad.net in wg interface: | |
| curl: (6) Could not resolve host: am.i.mullvad.net # because I didn't setup DNS | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| uname results: | |
| Linux ubuntu-wg 4.15.0-47-generic #50-Ubuntu SMP Wed Mar 13 10:44:52 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux | |
| Testing normal namespace... | |
| wg show info: | |
| interface: wg0 | |
| public key: <mullvad_public_key> | |
| private key: (hidden) | |
| listening port: 58972 | |
| peer: <mullvad_public_key> | |
| endpoint: 193.148.18.210:51820 | |
| allowed ips: 0.0.0.0/0, ::/0 | |
| Get google in default interface: | |
| <HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8"> | |
| <TITLE>301 Moved</TITLE></HEAD><BODY> | |
| <H1>301 Moved</H1> | |
| The document has moved | |
| <A HREF="http://www.google.com/">here</A>. | |
| </BODY></HTML> | |
| Get google in wg interface: | |
| curl: (28) Connection timed out after 10001 milliseconds | |
| am.i.mullvad.net in default interface: | |
| 68.183.198.174 | |
| am.i.mullvad.net in wg interface: | |
| curl: (28) Connection timed out after 10001 milliseconds | |
| Testing new namespace... | |
| wg show info: | |
| interface: wg0 | |
| public key: <mullvad_public_key> | |
| private key: (hidden) | |
| listening port: 54646 | |
| peer: <mullvad_public_key> | |
| endpoint: 193.148.18.210:51820 | |
| allowed ips: 0.0.0.0/0, ::/0 | |
| Get google in default interface: | |
| <HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8"> | |
| <TITLE>301 Moved</TITLE></HEAD><BODY> | |
| <H1>301 Moved</H1> | |
| The document has moved | |
| <A HREF="http://www.google.com/">here</A>. | |
| </BODY></HTML> | |
| Get google in wg interface: | |
| curl: (28) Connection timed out after 10001 milliseconds | |
| am.i.mullvad.net in default interface: | |
| 68.183.198.174 | |
| am.i.mullvad.net in wg interface: | |
| curl: (6) Could not resolve host: am.i.mullvad.net # because I didn't setup DNS | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Show the system information | |
| printf "uname results:\n%s\n\n" "$(uname -a)" | |
| # Setup the conf files | |
| mkdir -p /etc/wireguard | |
| printf "%s" "[Interface] | |
| PrivateKey = <mullvad_private_key> | |
| #Address = 10.99.93.13/32,fc00:bbbb:bbbb:bb01::5d0d/128 | |
| #DNS = 193.138.218.74 | |
| [Peer] | |
| PublicKey = <mullvad_public_key> | |
| AllowedIPs = 0.0.0.0/0,::0/0 | |
| Endpoint = 193.148.18.210:51820" > /etc/wireguard/mullvad.conf | |
| chown root:root /etc/wireguard/* | |
| chmod 600 /etc/wireguard/* | |
| # Run it in the default namespace | |
| printf "%s\n" "Testing normal namespace..." | |
| ip link add wg0 type wireguard | |
| ip address add dev wg0 10.99.93.13/32 | |
| ip address add dev wg0 fc00:bbbb:bbbb:bb01::5d0d/128 | |
| wg setconf wg0 /etc/wireguard/mullvad.conf | |
| ip link set up dev wg0 | |
| # Test this interface | |
| printf "%s\n" "wg show info:" | |
| wg show | |
| printf "\n%s\n" "Get google in default interface:" | |
| curl -sSm 10 172.217.2.46 | |
| printf "\n%s\n" "Get google in wg interface:" | |
| curl -sSm 10 --interface wg0 172.217.2.46 | |
| printf "\n%s\n" "am.i.mullvad.net in default interface:" | |
| curl -sSm 10 https://am.i.mullvad.net | |
| printf "\n%s\n" "am.i.mullvad.net in wg interface:" | |
| curl -sSm 10 --interface wg0 https://am.i.mullvad.net | |
| printf "%s\n\n" "" | |
| # Cleanup | |
| ip link delete wg0 | |
| # Run it in a separate namespace | |
| printf "%s\n" "Testing new namespace..." | |
| ip netns add container | |
| ip link add wg0 type wireguard | |
| ip link set wg0 netns container | |
| ip -n container address add 10.99.93.13/32 dev wg0 | |
| ip -n container address add fc00:bbbb:bbbb:bb01::5d0d/128 dev wg0 | |
| ip netns exec container wg setconf wg0 /etc/wireguard/mullvad.conf | |
| ip -n container link set wg0 up | |
| # Test this interface | |
| printf "%s\n" "wg show info:" | |
| ip netns exec container wg show | |
| printf "\n%s\n" "Get google in default interface:" | |
| curl -sSm 10 172.217.2.46 | |
| printf "\n%s\n" "Get google in wg interface:" | |
| ip netns exec container curl -sSm 10 --interface wg0 172.217.2.46 | |
| printf "\n%s\n" "am.i.mullvad.net in default interface:" | |
| curl -sSm 10 https://am.i.mullvad.net | |
| printf "\n%s\n" "am.i.mullvad.net in wg interface:" | |
| ip netns exec container curl -sSm 10 --interface wg0 https://am.i.mullvad.net | |
| printf "%s\n\n" "" | |
| # Cleanup | |
| ip netns delete container |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment